| From: | arthur(dot)j(dot)odwyer(at)gmail(dot)com |
|---|---|
| To: | pgsql-bugs(at)postgresql(dot)org |
| Subject: | BUG #10976: Two memory leaks in regcomp cleanup |
| Date: | 2014-07-16 19:38:28 |
| Message-ID: | 20140716193828.2503.81394@wrigleys.postgresql.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs |
The following bug has been logged on the website:
Bug reference: 10976
Logged by: Arthur O'Dwyer
Email address: arthur(dot)j(dot)odwyer(at)gmail(dot)com
PostgreSQL version: 9.3.0
Operating system: Ubuntu Linux
Description:
When MALLOC fails, pg_regcomp leaks memory in at least two places:
(A) In freev(), the line
freesubre(info, v, v->tree);
should be
freesubre(info, NULL, v->tree);
as otherwise the "freed" subres will end up on v->treefree, which is leaked
by the cleanst() two lines later.
That is, given the precondition that there are things in v->tree that aren't
in v->treechain.
This precondition is invariably true if we are being called because
nfatree() has run out of memory here:
markst(v->tree);
cleanst(info, v); /* clears v->treechain without clearing v->tree */
[...some comments...]
re->re_info |= nfatree(info, v, v->tree, debug);
CNOERR(); /* calls freev() */
(B) newlacon() leaks memory if REALLOC returns NULL on this line:
v->lacons = (struct subre *) REALLOC(v->lacons,
(v->nlacons + 1) * sizeof(struct subre));
The fix is to use the same idiom already used everywhere else REALLOC is
called in this module.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Noah Misch | 2014-07-17 05:47:03 | Re: PostgreSQL 6.2.5 Visual Studio Build does not pass the regression tests. |
| Previous Message | Pedro Gimeno | 2014-07-16 14:53:16 | Re: Documentation problem: The syntax for "\copy" is just wrong |